How to install OpenVPN server on Raspberry Pi

-

  1. Download Raspberry Pi Imager.
  2. Install Raspberry Pi OS Lite on 16GB microSD card.
    Remember to click the Setting icon to enter your Wifi SSID and password as well as enabling SSH and default username:pi and password: raspberry 
  3. Insert the microSD card onto the Raspberry Pi and power it up via USB power supply.
  4. Get the IP address of the Raspberry Pi (via HDMI or wifi-router web-console) then configure port forwarding on the router WAN interface for TCP 443 to the IP address of the Raspberry Pi.
  5. Download PuTTY and run it to connect to Raspbian via SSH (Host Name: IP Address of the Raspberry Pi then click Open and if prompted by Putty alert, click Yes) then login as:pi and password:raspberry.
  6. To change default password and timezone use the following command: sudo raspi-config
  7. Run curl -L https://install.pivpn.io | bash and follow the wizard to install OpenVPN server. When prompted:
    Protocol, select TCP 443 then Ok
    Custom search domain, select No
    DNS provider, select Google then Ok
    Public IP if you have static public IP address or enter your public DNS entry then Ok
    OpenVPN 2.4 can use Elliptic Curves... select Yes
    Select 256 then Ok
    Unattended Upgrades select Yes
    Reboot, select Yes
  8. Use PuTTY to reconnect to Raspbian via SSH and use the following command to create an ovpn file for a client (i.e. Android mobile, iPad, etc.):
    pivpn -a
  9. On Windows command prompt, run pscp pi@x.x.x.x:/home/pi/ovpns/TheClientNameEnteredOnPreviousStep.ovpn c:\temp  to copy the TheClientNameEnteredOnPreviousStep.ovpn file to local drive.
  10. Transfer the TheClientNameEnteredOnPreviousStep.ovpn file via email or Google Drive to your phone or tablet and import it using OpenVPN client app.
Note:
I have tested the speed on UDP and it performed better than TCP, however in this example we use TCP 443 (similar port as https traffic) to increase success rate of connection when there's a firewall that blocks other ports (i.e. office firewall or when travelling to certain countries).

If you need to run another instance of OpenVPN server on another port (i.e. UDP 53) on the same Raspberry Pi, copy /etc/openvpn/server.conf  to the same folder (i.e. /etc/openvpn/server_udp53.conf) then edit the dev and proto and port and server subnet and save the file.
Also edit /etc/iptables/rules.v4 file to allow the new instance of OpenVPN server subnet to access the internet.
Remember to reboot Raspberry Pi afterwards using the the following command
sudo shutdown -r now

Comments

Post a Comment

Popular posts from this blog

How to paginate SSRS Report to solve rendering performance issue on Internet Explorer

-
Image
Problem I've encountered slow performance issue on SSRS report rendering on Internet Explorer. It took 15 minutes to render a report on IE. Solution Right-click on the first row of Row Groups and select Add Group | Parent Group... Click fx button when prompted When prompted Set expression for: GroupExpression, type the following formula: =Ceiling(RowNumber(Nothing)/100)  then click OK | OK. Ensure Page Breaks | Between each instance of a group is checked Remember to delete the Sorting fx that was automatically populated otherwise you may encounter error when saving the changes: Right-click on the newly created group ( Group1 ) and select Delete Columns  | Delete group only then click OK . Explanation You can adjust the number of row per page (i.e. changing 100 on the formula to any number) to suit your needs however this pagination will affect interactive and non-interactive rendering. Also if you need to paginate the subsequent row (second, third, etc.) of th
Read more

How to search Active Directory group members using Windows 10 built-in tools

-
Image
Problem I need to check Active Directory group members but have limited access to install any software on a remote Windows machine running on Windows Virtual Desktop infrastucture. Solution To search for the group name, open  File Explorer | Network | Network | Search Active Directory and if you cannot see the members on the result column, you can run cmd.exe and use the following command to see the members of the Active Directory group: net group THE_AD_GROUP_NAME /domain
Read more